https://www.aquasec.com/tag/serverless-security/ Cloud Native Security, Container Security & Serverless Security Mon, 15 Jul 2024 09:33:16 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 https://www.aquasec.com/blog/thoughtworks-cloud-security-vulnerability-scanning/ Fri, 24 Sep 2021 09:15:00 +0000 https://www.aquasec.com/?p=15143 Many companies, in an effort to modernize their software and cloud tech stacks, are beginning to confront the challenges of managing security across multiple cross-functional, yet independent, teams – each with diverse tech stacks. One such example is Thoughtworks, a leading global technology consultancy that works with enterprises to enable them to keep pace with …]]> https://www.aquasec.com/blog/aws-lambda-container-security/ Tue, 01 Dec 2020 16:57:19 +0000 https://www.aquasec.com/?p=15415 Amazon continues to build new capabilities into its serverless operational mode and has launched container image support in AWS Lambda. It enables packaging and deploying Lambda functions as container images. Building on our strong partnership with AWS and our desire to offer the most complete cloud-native security solution, Aqua Security now includes advanced security capabilities …]]> https://www.aquasec.com/blog/aws-lambda-security/ Thu, 30 Jan 2020 13:17:43 +0000 https://www.aquasec.com/?p=15651 With serverless functions architecture gaining in popularity, it is also becoming clear that the architecture is not without its security drawbacks. Overly permissive permissions, vulnerability in the functions’ code, and embedded secrets could all be exploited. Despite being event-triggered and ephemeral by nature, serverless functions can still be subject to unauthorized activity such as event …]]> https://www.aquasec.com/blog/serverless-security-aws-lambda/ Tue, 18 Jun 2019 08:57:00 +0000 https://www.aquasec.com/?p=15809 In order to protect serverless functions while they are running, you need to consider the very short execution times and ensure that you’re not slowing down applications or increasing cloud usage costs. In Aqua CSP 4.2, we’ve now introduced advanced runtime protection that does just that, while complementing our existing risk assessment, function scanning, and …]]> https://www.aquasec.com/blog/knative-serverless-for-kubernetes/ Tue, 16 Apr 2019 10:12:00 +0000 https://www.aquasec.com/?p=15840 Knative is the newest member of serverless environments that is gaining significant interest and generating a great deal of hype in the Kubernetes/Cloud Native community. It’s an open source framework that was designed to enable the development and deployment of container-based serverless applications that are easy to transport between cloud providers. The GA version of …]]> https://www.aquasec.com/blog/serverless-functions-security/ Mon, 04 Mar 2019 12:14:00 +0000 https://www.aquasec.com/?p=15859 Serverless is generating significant interest and hype, backed up by real-world adoption, and creating a need for better security controls. I’ve been working with our customers to create the right approach and tooling to protect their FaaS environments ,and from this research, given the extremely short duration of function execution (in many cases, sub-second) and …]]> https://www.aquasec.com/blog/amazon-firecracker-serverless-container-security/ Thu, 24 Jan 2019 12:56:36 +0000 https://www.aquasec.com/?p=15880 Infrastructure protection, sandboxed containers, MicroVM hypervisors– these are interchangeable terms describing emerging technologies to isolate micro-services from their underlying infrastructure. These isolation technologies aim to protect the underlying host that runs containers and functions against malicious escape and breakout attempts into other targets on the same host or on the shared infrastructure. They attempt to provide VM-level isolation …]]> https://www.aquasec.com/blog/serverless-security-faas-risk-assessment/ Tue, 13 Nov 2018 11:00:00 +0000 https://www.aquasec.com/?p=15919 In my previous blog, I discussed the serverless services spectrum and the unique security considerations of serverless functions. In this post, I’d like to elaborate on the importance of preliminary risk assessment checks and their contribution to an effective security strategy, based on lessons learned in containerized workloads environments. Examining customer security strategies in containerized …]]> https://www.aquasec.com/blog/istio-kubernetes-service-mesh/ Tue, 06 Nov 2018 14:52:22 +0000 https://www.aquasec.com/?p=15925 Istio, Google’s open source project for large scale, containerized application management was released in May 2017 and has undergone rapid development since then, culminating in the landmark 1.0 release in July 2018. In this blog post we will be exploring what Istio is, how it works and how to adopt it. In subsequent articles in …]]> https://www.aquasec.com/blog/securing-serverless-persistent-security-for-ephemeral-environments/ Thu, 23 Aug 2018 05:09:15 +0000 https://www.aquasec.com/?p=15946 Cloud native workloads terminology is used a lot these days to describe new technologies and deployment models of applications in the cloud universe. Serverless is a notable example of such cloud native-workloads: it prioritizes simplicity and agility over compatibility, control, and performance SLAs. It’s a revolutionary concept that abstracts away infrastructure concerns and provides a …]]>